
[1/1] usbredir: fixes a block when redirecting a usb 3.0 device to xhci

Message ID tencent_7D167F437133CF4E31146E4C@qq.com (mailing list archive)
State New, archived

Commit Message

=?gb18030?B?y9XG5NDb?= Jan. 25, 2016, 3:27 a.m. UTC
Hi,


I am using QEMU 2.1.2, and the QEMU process blocked when a USB 3.0 device was redirected to xhci.


QEMU parameters are as follows:
#!/bin/sh
gdb /root/sqx/qemu-root/bin/qemu-system-x86_64 --args /root/sqx/qemu-root/bin/qemu-system-x86_64 \
-name win7_sqx_qemu \
-machine pc-i440fx-2.1,accel=kvm,usb=off \
-m 1024 \
-realtime mlock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid 2792b55d-f9b0-4e81-bf71-466ca7338628 \
-no-user-config \
-nodefaults \
-chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/win7_sqx.monitor,server,nowait \
-mon chardev=charmonitor,id=monitor \
-rtc base=localtime \
-no-shutdown \
-global PIIX4_PM.disable_s3=1 \
-global PIIX4_PM.disable_s4=0 \
-boot strict=on \
-device nec-usb-xhci,id=xhci,bus=pci.0,p2=6,p3=6,addr=0x1.0x2 \
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5 \
-drive file=/opt/sqx/win7_sqx.append,if=none,id=drive-ide0-0-0,format=qcow2,cache=writeback \
-device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \
-chardev pty,id=charserial0 \
-device isa-serial,chardev=charserial0,id=serial0 \
-chardev pty,id=charserial1 \
-device isa-serial,chardev=charserial1,id=serial1 \
-chardev spicevmc,id=charchannel0,name=vdagent \
-device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 \
-device usb-tablet,id=input0 \
-spice port=5950,addr=0.0.0.0,disable-ticketing,seamless-migration=on \
-vnc 0.0.0.0:51 \
-device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x3 \
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 \
-device hda-micro,id=sound0-codec0,bus=sound0.0,cad=0 \
-device hda-duplex,id=sound0-codec1,bus=sound0.0,cad=1 \
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6 \
-chardev spicevmc,name=usbredir,id=usbredirchardev1 \
-device usb-redir,chardev=usbredirchardev1,id=usbredirdev1,bus=xhci.0 \
-chardev spicevmc,name=usbredir,id=usbredirchardev2 \
-device usb-redir,chardev=usbredirchardev2,id=usbredirdev2,bus=xhci.0 \
-chardev spicevmc,name=usbredir,id=usbredirchardev3 \
-device usb-redir,chardev=usbredirchardev3,id=usbredirdev3,bus=xhci.0 \
-cpu SandyBridge,+vmx,hv-relaxed=on \


The debug information is as follows:
qemu-system-x86_64: hw/usb/core.c:417: usb_handle_packet: Assertion `dev->state == 3' failed.


Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7fffebbfd700 (LWP 6371)]
0x00007ffff3f98925 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff3f98925 in raise () from /lib64/libc.so.6
#1  0x00007ffff3f9a105 in abort () from /lib64/libc.so.6
#2  0x00007ffff3f91a4e in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff3f91b10 in __assert_fail () from /lib64/libc.so.6
#4  0x00005555558bd576 in usb_handle_packet (dev=0x5555566be1e0, p=0x7fffe400eaa0) at hw/usb/core.c:417
#5  0x00005555558da5b3 in xhci_fire_ctl_transfer (xhci=0x7fffeab38010, xfer=0x7fffe400ea98)
    at hw/usb/hcd-xhci.c:1958
#6  0x00005555558db23e in xhci_kick_ep (xhci=0x7fffeab38010, slotid=2, epid=1, streamid=0)
    at hw/usb/hcd-xhci.c:2199
#7  0x00005555558de358 in xhci_doorbell_write (ptr=0x7fffeab38010, reg=2, val=1, size=4) at hw/usb/hcd-xhci.c:3361
#8  0x000055555564878c in memory_region_write_accessor (mr=0x7fffeab38cd8, addr=8, value=0x7fffebbfca68, size=4, 
    shift=0, mask=4294967295) at /root/sqx/src/qemu-2.1.2/memory.c:444
#9  0x00005555556488d9 in access_with_adjusted_size (addr=8, value=0x7fffebbfca68, size=4, access_size_min=1, 
    access_size_max=4, access=0x5555556486ea <memory_region_write_accessor>, mr=0x7fffeab38cd8)
    at /root/sqx/src/qemu-2.1.2/memory.c:481
#10 0x000055555564bb07 in memory_region_dispatch_write (mr=0x7fffeab38cd8, addr=8, data=1, size=4)
    at /root/sqx/src/qemu-2.1.2/memory.c:1138
#11 0x000055555564f650 in io_mem_write (mr=0x7fffeab38cd8, addr=8, val=1, size=4)
    at /root/sqx/src/qemu-2.1.2/memory.c:1976
#12 0x00005555555f7be9 in address_space_rw (as=0x555555e4d6c0, addr=4228194312, buf=0x7ffff7edb028 "\001", len=4, 
    is_write=true) at /root/sqx/src/qemu-2.1.2/exec.c:2077
#13 0x00005555555f8002 in cpu_physical_memory_rw (addr=4228194312, buf=0x7ffff7edb028 "\001", len=4, is_write=1)
    at /root/sqx/src/qemu-2.1.2/exec.c:2156
#14 0x00005555556451d4 in kvm_cpu_exec (cpu=0x55555661f070) at /root/sqx/src/qemu-2.1.2/kvm-all.c:1743
#15 0x000055555562b95c in qemu_kvm_cpu_thread_fn (arg=0x55555661f070) at /root/sqx/src/qemu-2.1.2/cpus.c:874
#16 0x00007ffff6bad9d1 in start_thread () from /lib64/libpthread.so.0
#17 0x00007ffff404eb6d in clone () from /lib64/libc.so.6



The following is a patch.





Thank you very much!


Regards,
------------------
Su Qixiong

Patch

Index: hw/usb/redirect.c
===================================================================
--- hw/usb/redirect.c	(revision 23283)
+++ hw/usb/redirect.c	(working copy)
@@ -1840,6 +1840,17 @@ 
     free(dev->filter_rules);
 }
 
+static void usbredir_handle_attach(USBDevice *udev)
+{
+    assert(udev != NULL);
+    assert(udev->attached);
+    assert(udev->state == USB_STATE_ATTACHED);
+
+    if (udev->speed == USB_SPEED_SUPER && (udev->port->speedmask & USB_SPEED_MASK_SUPER)) {
+        udev->state = USB_STATE_DEFAULT;
+    }
+}
+
 static int usbredir_check_filter(USBRedirDevice *dev)
 {
     if (dev->interface_info.interface_count == NO_INTERFACE_INFO) {
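Review bot: `usbredir_handle_attach` moves a SuperSpeed device straight from `USB_STATE_ATTACHED` to `USB_STATE_DEFAULT` with no comment explaining why skipping the reset step is valid, and it covers only the SuperSpeed-on-SuperSpeed-port case. The backtrace in the description shows the `usb_handle_packet` assertion being reached from a guest doorbell write (`xhci_doorbell_write`), so it is worth confirming that a guest cannot still abort the whole VM with a device left in `USB_STATE_ATTACHED` on the other speed paths. The three new `assert()` calls do not cover `udev->port`, which is dereferenced in the speed test; if the caller does not guarantee it is set, add `assert(udev->port != NULL);` before the `if`. I would also put a comment above the `if`, for example `/* presumably a USB3 port is enabled without a port reset, so the device must already be in DEFAULT state */`. The condition line is also over 80 columns and should be wrapped.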
@@ -3014,6 +3025,7 @@ 
     uc->init           = usbredir_initfn;
     uc->product_desc   = "USB Redirection Device";
     uc->handle_destroy = usbredir_handle_destroy;
+    uc->handle_attach = usbredir_handle_attach;
     uc->cancel_packet  = usbredir_cancel_packet;
     uc->handle_reset   = usbredir_handle_reset;
     uc->handle_data    = usbredir_handle_data;
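Review bot: The added assignment does not follow the column alignment of the neighbouring `uc->` assignments, where the `=` signs line up. Write it as `uc->handle_attach  = usbredir_handle_attach;` so the block stays easy to scan. The enclosing function starts and ends outside this hunk.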